A PYMNTS Company

EU Cybersecurity Label Vote Delayed Amidst Big Tech Debate

 |  April 16, 2024

National cybersecurity experts within the European Union have postponed a crucial vote on a draft EU cybersecurity label, extending the timeline for tech giants like Amazon, Google, and Microsoft to vie for EU cloud computing contracts until May. This decision comes amidst deliberations regarding the requirements that should be imposed on major tech firms to qualify for the highest level of cybersecurity certification.

The proposed cybersecurity certification scheme (EUCS) aims to establish a framework ensuring the cybersecurity integrity of cloud services to assist governments and enterprises in selecting secure and trustworthy vendors for their cloud computing needs, according to a report by Reuters. However, disagreements over the extent of regulations imposed on Big Tech has prevented the scheme from being finalized.

Related: New US Cybersecurity Strategy Advocates Tech Regulation

The expert panel, convening on Monday and Tuesday in Brussels, refrained from voting on the latest version presented by EU cybersecurity agency ENISA in 2020. This revised version, influenced by Belgium’s current EU presidency, omitted the sovereignty requirements present in prior proposals which would compell U.S. tech giants to either establish joint ventures or collaborate with EU-based entities for data storage and processing within the bloc in order to qualify for the highest cybersecurity label.

While major tech companies welcomed the removal of sovereignty requirements, criticism emerged from EU-based cloud vendors and businesses such as Deutsche Telekom, Orange, and Airbus. They expressed concerns over the potential for unlawful data access by non-EU governments, citing the absence of safeguards inherent in the previous proposal.

Following the delay in the experts’ vote, the next procedural step involves soliciting opinions from EU member states, culminating in a final decision by the European Commission.

Source: Yahoo